Cyber Security Lead

Job Description

Primary skills: Cybersecurity operations, program  governance, risk management, and compliance oversight.Endpoint , Email security, SIEM, Network security, BCPDR, Vulnerability Management
Secondary skills: Cybersecurity compliance disciplines and skillset

Job Responsibilities:

1. Daily operational delivery – Work hand in hand with identified customer security leadership teams and offshore security lead/SME’s of individual cyber technology towers; to deliver day-to-day cyber security oversight onsite. A typical day includes:
1. Morning check-in with client security/IT leads
2. Review of overnight SOC alerts
3. Review security dashboards/metrics (SIEM health, endpoint coverage, critical control status) and confirm telemetry is flowing
4. Vulnerability scans and ticket queues
5. Triage and risk-based prioritization of issues; coordination with infrastructure, application, network and IAM teams for remediation.
6. Validate patching and remediation progress for top risks (critical CVEs, misconfigurations) and remove blockers
7. Review/approval of security exceptions and change requests
8. Participation in project and architecture discussions to embed security controls early; walkthroughs of compliance/audit evidence needs and policy adherence
9. Status reporting (metrics, risks, blockers, and actions) to stakeholders
10. End-of-day follow-up to confirm progress, escalate urgent items, and prepare the next day’s priorities.
11. Check privileged access activity (PAM alerts, break-glass use, new admin grants) and confirm approvals are documented
12. Oversee EDR/AV exceptions (new exclusions, tuning requests) and ensure compensating controls are in place
13. Daily incident readiness actions: confirm on-call/escalation paths, validate open incident tickets, and run quick “what changed?” checks
14. Threat intel / emerging risk review relevant to the client environment and translate into actionable checks/hunts
15. Run/coordinate a short risk & issue triage huddle (top 5 risks, new findings, due dates, owners)
16. Vendor/service review touchpoints (SOC/SIEM provider quality, false-positive tuning, SLA adherence)
17. Communicate security advisories to onsite teams (maintenance windows, high-risk findings, required user actions)
2. Provide Cyber Security Leadership - Provide leadership in all security areas to ensure our external system partners are minimizing cyber security risks, this includes the following areas of security specialization:
   • Security Architecture
   • Governance, Risk & Compliance
   • Identity and Access management
   • Firewall architecture and integration
   • Cyber Threat Research
   • Vulnerability Assessment and Pen testing
   • Security Project Management
   • SOC Analysis
3. Security Operations – Oversee all security operations including managing our external SOC relationship and activities to ensure their correct classification of vulnerabilities/issues and their timely resolution. Provide risk-based activities prioritization, tracking, reporting, and liaising with external vendors and internal stakeholders. Develop a budget and operating plan for the security program. Exercise good judgement when dealing with issues and ensuring a sense of urgency in their resolution while remaining calm and focused.
4. Security Planning and Projects - Design, implement, and maintain cyber security plan that includes an evaluation method to assess the security program strengths and identify areas for improvement. Initiate, oversee, and report on projects that will improve our security stance. Lead the planning and the decision support process for the security program, coordinating with a variety of internal stakeholders & senior executives. Research and evaluate new cybersecurity threats, IT trends, and security controls. Ensure response plans are kept up to date and communicated to leadership in addition to leading preparation sessions for cyber response (tabletop) and leading forensic investigations when necessary.
5. Security Processes - Develop, implement, and oversee enforcement of security policies, procedures and work plans based on industry best practices. Ensure that IT security audits are conducted. Develop and deliver cyber training and testing. Produce reports that help drive a strong cyber security position that provide enough detail for action, but in a format that can be easily understood by management. Drive a culture to stay current on the latest cyber security trends, emerging technologies, threats, and incorporate appropriate safeguards into our security program.
6. People Management – Develop effective relationships with strategic systems providers, external SOC/SIEM provider(s). Mentor members of the IT team to ensure continued growth & understanding of the cyber security landscape. Supervision of junior cyber security personnel.